In message <20010803170051979391.437@alongtheway.com>, Jim Breton writes:
>On Fri, Aug 03, 2001 at 04:15:21AM -0500, Dave Huang wrote:
>> Set a root password and mark the console as insecure. You'll need to
>> enter the password to get to a single-user mode shell.
>
>Thanks, that does help. However one could still put a floppy in the
>drive, and at the boot prompt, type "fd0a:/bsd" or whatever to boot from
>that disk. Any way around this?
>
Change the boot order in the BIOS, and set a BIOS password. NetBSD
can't fix that; the attack happens before you get to NetBSD.
--Steve Bellovin, http://www.research.att.com/~smb